## : IPSEC Daemon, ver 1.1.0
## : Copyright 2006 Shrew Soft Inc.
## : This product linked OpenSSL 0.9.8a 11 Oct 2005
ii : opened 'dump-frg.cap'
ii : opened 'dump-prv.cap'
ii : rebuilding vnet device list ...
ii : device ROOT\VNET\0000 disabled
ii : rebuilding vprot interface list ...
ii : skipping interface with null address
ii : interface IP=206.197.64.216, MTU=1500, MAC=00:0b:db:76:c1:9d active
ii : 1 adapter(s) active
ii : recv DNS packet from 204.130.132.2
ii : client ctrl thread begin ...
DB : tunnel added
DB : tunnel dereferenced ( ref count = 0, tunnel count = 1 )
ii : peer config message received
DB : ipsec peer not found
ii : local address selected for peer
ii : 206.197.64.216 ( Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport )
ii : user credentials message received
ii : '\Documents and Settings\peter\Desktop\certs\cow.visionshareinc.com\ca.crt' loaded
ii : tunnel enable message received
DB : new phase1 sa ( ISAKMP initiator )
DB : exchange type is aggressive
DB : 206.197.64.216:500 <-> 66.162.50.84:500
DB : c6faadc80964e00d:0000000000000000
DB : phase1 sa added
>> : security association payload
>> : key exchange payload
>> : nonce payload
>> : identification payload
>> : vendor id payload
>> : vendor id payload
>> : vendor id payload
>> : vendor id payload
>> : vendor id payload
>> : vendor id payload
-> : send IKE packet to 66.162.50.84:500 ( 364 bytes )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
<- : recv IKE packet from 66.162.50.84:500 ( 548 bytes )
DB : ipsec peer found
DB : phase1 sa found
<< : fragment payload
ii : ike fragment received, waiting on complete packet
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv IKE packet from 66.162.50.84:500 ( 548 bytes )
DB : ipsec peer found
DB : phase1 sa found
<< : fragment payload
ii : ike fragment received, waiting on complete packet
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv IKE packet from 66.162.50.84:500 ( 548 bytes )
DB : ipsec peer found
DB : phase1 sa found
<< : fragment payload
ii : ike fragment received, waiting on complete packet
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv IKE packet from 66.162.50.84:500 ( 416 bytes )
DB : ipsec peer found
DB : phase1 sa found
<< : fragment payload
ii : ike fragment received, processing complete packet
<< : security association payload
ii : matched phase1 proposal
ii : - protocol     = isakmp
ii : - transform    = ike
ii : - key length   = default
ii : - cipher type  = 3des
ii : - hash type    = md5
ii : - dh group     = modp-1024
ii : - auth type    = hybrid-initiator-rsa
ii : - life seconds = 86400
ii : - life kbytes  = 0
<< : key exchange payload
<< : nonce payload
<< : identification payload
<< : certificate payload
<< : signature payload
<< : vendor id payload
ii : peer supports XAUTH
<< : vendor id payload
ii : peer supports UNITY
<< : cert request payload
<< : vendor id payload
ii : peer supports NAT-T RFC
<< : nat discovery payload
ii : nat discovery - our address is translated
<< : nat discovery payload
ii : nat discovery - peers address is translated
<< : vendor id payload
ii : peer supports DPDv1
== : DH shared secret ( 128 bytes )
== : SETKEYID ( 16 bytes )
== : SETKEYID_d ( 16 bytes )
== : SETKEYID_a ( 16 bytes )
== : SETKEYID_e ( 16 bytes )
== : cipher key ( 32 bytes )
== : cipher iv ( 8 bytes )
== : phase1 hash_i ( computed ) ( 16 bytes )
ii : switching to NAT-T UDP port 4500
>> : hash payload
>> : nat discovery payload
>> : nat discovery payload
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 88 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 92 bytes )
ii : unable to get certificate CRL(3) at depth:0
ii : subject :/C=US/ST=Minnesota/L=Minneapolis/O=VisionShare, Inc./OU=Managed Services/CN=cow.visionshareinc.com/emailAddress=peter.eisch@visionshareinc.com
ii : unable to get certificate CRL(3) at depth:1
ii : subject :/C=US/ST=Minnesota/L=Minneapolis/O=VisionShare, Inc./OU=Managed Services/CN=vpnca.visionshareinc.com/emailAddress=peter.eisch@visionshareinc.com
== : phase1 hash_r ( computed ) ( 16 bytes )
== : phase1 hash_r ( received ) ( 16 bytes )
ii : phase1 sa established
ii : 206.197.64.216:4500 <-> 66.162.50.84:4500
ii : c6faadc8964e00d:f421ee76a6b3acb0
>> : hash payload
>> : notification payload
== : new informational hash ( 16 bytes )
== : new phase2 iv ( 8 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 76 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 76 bytes )
ii : sent peer notification, INITIAL-CONTACT
ii : 206.197.64.216 -> 66.162.50.84
ii : isakmp spi = c6faadc80964e00d:f421ee76a6b3acb0
ii : data size 0
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 76 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : config not found
DB : config added
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 76 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : attribute payload
== : informational hash_i ( computed ) ( 16 bytes )
== : informational hash_c ( computed ) ( 16 bytes )
ii : configure hash verified
ii : received xauth request
>> : hash payload
>> : attribute payload
== : new configure hash ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 82 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 84 bytes )
DB : config dereferenced ( ref count = 0, config count = 1 )
ii : sent xauth reply with 'peisch' credentials
DB : config deleted
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 68 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : config not found
DB : config added
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 68 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : attribute payload
== : informational hash_i ( computed ) ( 16 bytes )
== : informational hash_c ( computed ) ( 16 bytes )
ii : configure hash verified
ii : received xauth result
ii : user authentication succeeded
>> : hash payload
>> : attribute payload
== : new configure hash ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 56 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 60 bytes )
DB : config dereferenced ( ref count = 0, config count = 1 )
DB : config added
== : new phase2 iv ( 8 bytes )
ii : determining required modecfg attributes
ii : - IP4 Address
ii : - IP4 Netamask
ii : - IP4 DNS Server
ii : - IP4 DNS Suffix
ii : - Split DNS Domains
ii : - IP4 WINS Server
ii : - IP4 Split Network Include List
ii : - IP4 Split Network Exclude List
ii : - Login Banner
ii : sending isakmp config request
>> : hash payload
>> : attribute payload
== : new configure hash ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 92 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 92 bytes )
DB : config dereferenced ( ref count = 0, config count = 2 )
DB : config deleted
DB : tunnel dereferenced ( ref count = 3, tunnel count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 180 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : config found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 180 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : attribute payload
== : informational hash_i ( computed ) ( 16 bytes )
== : informational hash_c ( computed ) ( 16 bytes )
ii : configure hash verified
ii : received isakmp config reply
ii : - IP4 Address = 10.1.202.1
ii : - IP4 Netmask = 255.255.255.0
ii : - IP4 DNS Server = 10.1.100.126
ii : - IP4 WINS Server = 10.1.100.126
ii : - Login Banner = NetBSD 3.0_STABLE (PETER-GW) #7: Tue Jul 11 10:03:05 CDT 2006

Welcome to NetBSD!


DB : config dereferenced ( ref count = 0, config count = 1 )
DB : config deleted
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
ii : client recv thread begin ...
ii : enabled adapter ROOT\VNET\0000
ii : added host route for remote peer
ii : added tunnel default route
DB : phase1 sa found
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : inspecting VNet ARP request ...
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase1 sa found
DB : new phase2 sa ( IPSEC initiator )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
>> : hash payload
>> : security association payload
>> : nonce payload
>> : key exchange payload
>> : identification payload
>> : identification payload
== : phase2 hash_i ( computed ) ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 288 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 292 bytes )
ii : rebuilding vprot interface list ...
ii : interface IP=10.1.202.1, MTU=1500, MAC=aa:aa:aa:aa:aa:00 active
ii : skipping interface with null address
ii : interface IP=206.197.64.216, MTU=1500, MAC=00:0b:db:76:c1:9d active
ii : 2 adapter(s) active
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : outbound packet has been queued
ii : no mature sa found for 10.1.202.1 -> 224.0.0.22
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : security association payload
ii : matched phase2 proposal
ii : - protocol     = ipsec-esp
ii : - encap mode   = udp-tunnel v02
ii : - transform    = esp-3des
ii : - key length   = default
ii : - auth type    = hmac-md5
ii : - pfs dh group = modp-1024
ii : - life seconds = 3600
ii : - life kbytes  = 0
<< : nonce payload
<< : key exchange payload
<< : identification payload
<< : identification payload
<< : notification payload
ii : received peer notification, RESPONDER-LIFETIME
ii : 66.162.50.84 -> 206.197.64.216
ii : ipsec-esp spi = 0x0f1b0de8
ii : data size 12
ii : phase2 ids match 10.1.202.1 -> 0.0.0.0/0.0.0.0
== : phase2 hash_r ( computed ) ( 16 bytes )
== : phase2 hash_r ( received ) ( 16 bytes )
!! : phase2 sa rejected, responder quick mode hash invalid
!! : 206.197.64.216:4500 <-> 66.162.50.84:4500
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
ii : inspecting VNet ARP request ...
ii : responding to VNet ARP request for 10.1.100.126
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa found
ii : unable to process outbound packet
ii : no mature sa found for 10.1.202.1 -> 10.1.100.126
ii : inspecting VNet ARP request ...
DB : phase2 sa deleted after expire time
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase1 sa found
DB : new phase2 sa ( IPSEC initiator )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
>> : hash payload
>> : security association payload
>> : nonce payload
>> : key exchange payload
>> : identification payload
>> : identification payload
== : phase2 hash_i ( computed ) ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 288 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 292 bytes )
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : outbound packet has been queued
ii : no mature sa found for 10.1.202.1 -> 10.1.100.126
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : security association payload
ii : matched phase2 proposal
ii : - protocol     = ipsec-esp
ii : - encap mode   = udp-tunnel v02
ii : - transform    = esp-3des
ii : - key length   = default
ii : - auth type    = hmac-md5
ii : - pfs dh group = modp-1024
ii : - life seconds = 3600
ii : - life kbytes  = 0
<< : nonce payload
<< : key exchange payload
<< : identification payload
<< : identification payload
<< : notification payload
ii : received peer notification, RESPONDER-LIFETIME
ii : 66.162.50.84 -> 206.197.64.216
ii : ipsec-esp spi = 0x05786b5c
ii : data size 12
ii : phase2 ids match 10.1.202.1 -> 0.0.0.0/0.0.0.0
== : phase2 hash_r ( computed ) ( 16 bytes )
== : phase2 hash_r ( received ) ( 16 bytes )
!! : phase2 sa rejected, responder quick mode hash invalid
!! : 206.197.64.216:4500 <-> 66.162.50.84:4500
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase2 sa deleted after expire time
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase1 sa found
DB : new phase2 sa ( IPSEC initiator )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
>> : hash payload
>> : security association payload
>> : nonce payload
>> : key exchange payload
>> : identification payload
>> : identification payload
== : phase2 hash_i ( computed ) ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 288 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 292 bytes )
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : outbound packet has been queued
ii : no mature sa found for 10.1.202.1 -> 10.1.100.126
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : security association payload
ii : matched phase2 proposal
ii : - protocol     = ipsec-esp
ii : - encap mode   = udp-tunnel v02
ii : - transform    = esp-3des
ii : - key length   = default
ii : - auth type    = hmac-md5
ii : - pfs dh group = modp-1024
ii : - life seconds = 3600
ii : - life kbytes  = 0
<< : nonce payload
<< : key exchange payload
<< : identification payload
<< : identification payload
<< : notification payload
ii : received peer notification, RESPONDER-LIFETIME
ii : 66.162.50.84 -> 206.197.64.216
ii : ipsec-esp spi = 0x06edd894
ii : data size 12
ii : phase2 ids match 10.1.202.1 -> 0.0.0.0/0.0.0.0
== : phase2 hash_r ( computed ) ( 16 bytes )
== : phase2 hash_r ( received ) ( 16 bytes )
!! : phase2 sa rejected, responder quick mode hash invalid
!! : 206.197.64.216:4500 <-> 66.162.50.84:4500
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase2 sa deleted after expire time
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase1 sa found
DB : new phase2 sa ( IPSEC initiator )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
>> : hash payload
>> : security association payload
>> : nonce payload
>> : key exchange payload
>> : identification payload
>> : identification payload
== : phase2 hash_i ( computed ) ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 288 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 292 bytes )
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : outbound packet has been queued
ii : no mature sa found for 10.1.202.1 -> 10.1.100.126
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : security association payload
ii : matched phase2 proposal
ii : - protocol     = ipsec-esp
ii : - encap mode   = udp-tunnel v02
ii : - transform    = esp-3des
ii : - key length   = default
ii : - auth type    = hmac-md5
ii : - pfs dh group = modp-1024
ii : - life seconds = 3600
ii : - life kbytes  = 0
<< : nonce payload
<< : key exchange payload
<< : identification payload
<< : identification payload
<< : notification payload
ii : received peer notification, RESPONDER-LIFETIME
ii : 66.162.50.84 -> 206.197.64.216
ii : ipsec-esp spi = 0x0643e37f
ii : data size 12
ii : phase2 ids match 10.1.202.1 -> 0.0.0.0/0.0.0.0
== : phase2 hash_r ( computed ) ( 16 bytes )
== : phase2 hash_r ( received ) ( 16 bytes )
!! : phase2 sa rejected, responder quick mode hash invalid
!! : 206.197.64.216:4500 <-> 66.162.50.84:4500
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase2 sa deleted after expire time
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 84 bytes )
DB : ipsec peer found
DB : phase1 sa found
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 84 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : notification payload
== : informational hash_i ( computed ) ( 16 bytes )
== : informational hash_c ( computed ) ( 16 bytes )
ii : informational hash verified
ii : received peer notification, DPDV1-R-U-THERE
ii : 66.162.50.84 -> 206.197.64.216
ii : isakmp spi = c6faadc80964e00d:f421ee76a6b3acb0
ii : data size 4
>> : hash payload
>> : notification payload
== : new informational hash ( 16 bytes )
== : new phase2 iv ( 8 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 80 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 84 bytes )
ii : sent peer notification, DPDV1-R-U-THERE-ACK
ii : 206.197.64.216 -> 66.162.50.84
ii : isakmp spi = c6faadc80964e00d:f421ee76a6b3acb0
ii : data size 4
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase2 sa not found
DB : phase1 sa found
DB : new phase2 sa ( IPSEC initiator )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
>> : hash payload
>> : security association payload
>> : nonce payload
>> : key exchange payload
>> : identification payload
>> : identification payload
== : phase2 hash_i ( computed ) ( 16 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 288 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 292 bytes )
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
ii : outbound packet has been queued
ii : no mature sa found for 10.1.202.1 -> 10.1.100.126
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa found
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
<< : security association payload
ii : matched phase2 proposal
ii : - protocol     = ipsec-esp
ii : - encap mode   = udp-tunnel v02
ii : - transform    = esp-3des
ii : - key length   = default
ii : - auth type    = hmac-md5
ii : - pfs dh group = modp-1024
ii : - life seconds = 3600
ii : - life kbytes  = 0
<< : nonce payload
<< : key exchange payload
<< : identification payload
<< : identification payload
<< : notification payload
ii : received peer notification, RESPONDER-LIFETIME
ii : 66.162.50.84 -> 206.197.64.216
ii : ipsec-esp spi = 0x0b20dab8
ii : data size 12
ii : phase2 ids match 10.1.202.1 -> 0.0.0.0/0.0.0.0
== : phase2 hash_r ( computed ) ( 16 bytes )
== : phase2 hash_r ( received ) ( 16 bytes )
!! : phase2 sa rejected, responder quick mode hash invalid
!! : 206.197.64.216:4500 <-> 66.162.50.84:4500
DB : phase2 sa dereferenced ( ref count = 0, phase2 count = 1 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
DB : phase2 sa deleted after expire time
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
ii : tunnel enable message received
ii : bringing down tunnel ...
DB : removing all tunnel refrences
ii : removed host route for remote peer
ii : removed tunnel default route
<- : recv NAT-T:IKE packet from 66.162.50.84:4500 ( 316 bytes )
DB : ipsec peer found
DB : phase1 sa found
DB : phase2 sa not found
DB : new phase2 sa ( IPSEC responder )
DB : phase2 sa added
== : new phase2 iv ( 8 bytes )
=< : decrypt iv ( 8 bytes )
<= : decrypt packet ( 316 bytes )
== : stored iv ( 8 bytes )
<< : hash payload
!! : invalid hash size ( 19230 != 16 )
DB : phase1 sa dereferenced ( ref count = 0, phase1 count = 1 )
DB : tunnel dereferenced ( ref count = 2, tunnel count = 1 )
ii : disabled adapter ROOT\VNET\0000
ii : client recv thread exit ...
DB : tunnel dereferenced ( ref count = 1, tunnel count = 1 )
ii : client ctrl thread exit ...
>> : hash payload
>> : notification payload
== : new informational hash ( 16 bytes )
== : new phase2 iv ( 8 bytes )
>= : encrypt iv ( 8 bytes )
=> : encrypt packet ( 76 bytes )
== : stored iv ( 8 bytes )
-> : send NAT-T:IKE packet to 66.162.50.84:4500 ( 76 bytes )
ii : rebuilding vprot interface list ...
ii : skipping interface with null address
ii : interface IP=206.197.64.216, MTU=1500, MAC=00:0b:db:76:c1:9d active
ii : 1 adapter(s) active
ii : sent peer SA DELETE message
ii : 206.197.64.216 -> 66.162.50.84
ii : isakmp spi = c6faadc80964e00d:f421ee76a6b3acb0
DB : phase1 sa deleted before expire time
DB : tunnel dereferenced ( ref count = 0, tunnel count = 1 )
ii : client ctrl thread begin ...
DB : tunnel added
DB : tunnel dereferenced ( ref count = 0, tunnel count = 2 )
ii : peer config message received
DB : ipsec peer found
!! : duplicate definition for 0.0.0.0
DB : removing all tunnel refrences
DB : tunnel deleted ( tunnel count = 1 )
ii : client ctrl thread exit ...
ii : client ctrl thread begin ...
DB : tunnel added
DB : tunnel dereferenced ( ref count = 0, tunnel count = 2 )
ii : peer config message received
DB : ipsec peer found
!! : duplicate definition for 0.0.0.0
DB : removing all tunnel refrences
DB : tunnel deleted ( tunnel count = 1 )
ii : client ctrl thread exit ...